> On 22 Sep 2016, at 12:49 PM, Scott D Anderson <scott.ander...@wellesley.edu> 
> wrote:
> I'm now able to successfully run my script as a user other than Apache, 
> thanks to Graham's help. I now want to replicate the "suexec" aspect of CGI 
> and allow different scripts to run as different users. (I don't necessarily 
> need Apache to "su" to the script's owner; I'm willing to hard-code that.)
> I created an Apache .conf file to set up two scripts with different users. 
> (The two scripts are identical; they just have different names):
> LogLevel info
> # My thanks to Graham Dumpleton for this addition
> WSGISocketPrefix /var/run/wsgi
> WSGIScriptAlias /scottapp /home/anderson/public_html/myapp-scott.wsgi
> WSGIDaemonProcess scottapp user=anderson
> WSGIProcessGroup scottapp
> WSGIScriptAlias /cs304app /home/anderson/public_html/myapp-cs304.wsgi
> WSGIDaemonProcess cs304app user=cs304
> WSGIProcessGroup cs304app
> Both urls are running as the "cs304" user; neither runs as "anderson". So, it 
> seems the second value overwrote the first, and that there can be only one 
> value for WSGIDaemonProcess.  Is that right?  I've read and re-read the docs 
> on WSGIDaemonProcess and WSGIProcessGroup, and I can't be sure.
> Is there a way to get the behavior I want, where I can have each allowed user 
> to run their script as their personal UID, instead of as Apache?


WSGIDaemonProcess scottapp user=anderson
WSGIScriptAlias /scottapp /home/anderson/public_html/myapp-scott.wsgi 

WSGIDaemonProcess cs304app user=cs304
WSGIScriptAlias /cs304app /home/anderson/public_html/myapp-cs304.wsgi 

If you set WSGIProcessGroup in same context, the last one will win. You would 
either need to qualify it with a Location/Directory directive, or just use 
those options on WSGIScriptAlias to force it to use that daemon process group. 
The WSGIDaemonProcess directive for a group must come before WSGIScriptAlias 
using it when doing that.


You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

Reply via email to